Hi Uma, Thanks for the feedback. On Nov 14, 2012, at 7:30 PM, Uma Maheswara Rao G wrote:
> Hi Flavio, > > Thanks a lot for the post. It is greatly explained how BK used with Hedwig. > > How about having some more info about BKJM? I think Ivan might have > written docs about it already. > I think Ivan should have written a blog post about BKJM a while back... but no pressure really. :-) > One question, currently BookKeeper does not have security feature > ready right? How you mange this in production cluster? is that systems > running in trusted zone and because running under push gateway? Great question. We have considered a number of options for BK: 1- Using something like iptables to block connection requests from non-listed hosts. Given that BK is actually an internal service (internal to a product), this solution works ok; 2- Authenticating through ZooKeeper, which means that a connection request only goes through the client requesting it is able to create a znode. We then rely upon ZooKeeper authentication to do the rest of the job; 3- We have developed an experimental authentication code that is able to use the authentication framework we use internally. Different properties opted for different solutions. Perhaps folks on the list from Yahoo! could comment more on the choices for their respective products. -Flavio > > On Wed, Nov 14, 2012 at 9:08 PM, Flavio Junqueira <f...@yahoo-inc.com> wrote: >> I haven't seen reactions from the community about the post, and I was >> wondering if people felt it was useful, what kind of detail was missing, >> etc. This kind of feedback would be great for a follow-up post perhaps. >> >> Let me know, please. >> >> -Flavio >> >> On Nov 12, 2012, at 6:10 PM, Flavio Junqueira wrote: >> >>> FYI: >>> http://developer.yahoo.com/blogs/ydn/posts/2012/11/bookkeeper-durability-at-scale/ >>> >>> -Flavio >>
